Many businesses that have allowed employees to continue working from home for the foreseeable future are aware that they need to update their cybersecurity. It’s likely that they have allocated some budget and IT resources to make those necessary changes. However, IT budgets are finite. Given the economic disruption of the pandemic, enterprises must strategically decide where to invest their cybersecurity budget most effectively.
There are many different approaches to cybersecurity, and the way your business previously protected data may no longer work in a remote-work paradigm. Here’s how to understand how working from home impacts your data security – as well as some steps to take to make sure you are prioritizing the right things.
Types of cybersecurity
Cybersecurity can be broken out into categories based on what you wish to protect. Cybersecurity practices are commonly classified into one of these five areas:
There are many subcategories within these broad cybersecurity distinctions, but IT professionals tend to focus on these areas.
All these types of cybersecurity are important. When offices are working business as usual, most IT professionals tend to prioritize network security first; devices, applications, and data sharing are all linked through the same network, so protecting the perimeter makes sense.
As more people work remotely, however, investing in network security makes less sense. Data protection and cloud security are more important as our online needs are rapidly changing. With limited investment available, how should you prioritize your cybersecurity?
As one expert reported in Forbes, “To protect customers, employees, and reputations while ensuring compliance with evolving regulations, companies should shift their security strategies from an outdated reliance primarily on ‘perimeter protection’ to a companywide approach based on ‘secure data access.’”
As our online behavior changes, the threats evolve too. Cloud services, for instance, are becoming a new target for hackers. McAfee found that remote attacks on cloud services and collaboration tools, like Slack, increased 630% during the first four months of 2020. Employees are using their own devices and their own networks, so shifting your cybersecurity to focus on cloud security is a good first step to protecting data outside the office firewall.
Data loss prevention, DLP, is another key area for IT professionals. Your enterprise must prioritize building a strategy that prevents unauthorized access to and use of data. There are three key areas here to consider:
In the immediate term, IT professionals need to ramp up cloud security and data security to accommodate remote employees. Here’s how to do it.
One of the easiest ways to improve your data security is by educating your employees. This effort takes time, but very little financial investment.
Teach your team ways they can improve their at-home security practices. Nightfall found that lax email policies contribute to a huge amount of data theft. Poor password hygiene for email accounts – like using “password1234” or another easily guessable code – is a big mistake that many people are (still) making. Companies are also not utilizing multi-factor authentication when signing into accounts. Lack of employee training and clear WFH security policies are further contributing factors to the increase in data theft via email.
Next, address changes to your network security by providing tools for employees to safeguard their personal devices. One study by Security Magazine discovered that 56% of employees are using their personal computers to work remotely in response to COVID-19. Moreover, nearly 25% of employees working from home don’t know what security protocols are in place on their device. IT teams should perform one-on-one audits with each remote worker to assess what security measures are in place and provide the tools and feedback needed to improve the cybersecurity of at-home networks and devices.
Lastly, add an automated DLP solution like Nightfall to dramatically improve your data security.
Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like Slack & GitHub as well as IaaS platforms like AWS. You can schedule a demo with us below to see the Nightfall platform in action.
“This article is originally posted on Nightfall.ai”
RCS is a full-service IT Managed Service Provider offering IT and Cybersecurity solutions, products, and services to small and medium-sized businesses in the New York Tri State and Atlanta metro areas. To learn more about our business solutions, please contact us.